From 26590618121010bbf7d5b8409af843c766b24578 Mon Sep 17 00:00:00 2001
From: Tomas Tauer
Date: Tue, 23 Apr 2024 19:50:26 +0200
Subject: [PATCH 1/4] Escape single quote in required property
---
 index.js | 2 +-
 test/sanitize7.test.js | 20 ++++++++++++++++++++
 2 files changed, 21 insertions(+), 1 deletion(-)
 create mode 100644 test/sanitize7.test.js
diff --git a/index.js b/index.js
index b9be60a6..b1205631 100644
--- a/index.js
+++ b/index.js
@@ -387,7 +387,7 @@ function buildInnerObject (context, location) {
 `
 } else if (isRequired) {
 code += ` else {
- throw new Error('${sanitizedKey} is required!')
+ throw new Error('${sanitizedKey.replace(/'/g, '\\\'')} is required!')
 }
 `
 } else {
diff --git a/test/sanitize7.test.js b/test/sanitize7.test.js
new file mode 100644
index 00000000..568a2d56
--- /dev/null
+++ b/test/sanitize7.test.js
@@ -0,0 +1,20 @@
+'use strict'
+
+const test = require('tap').test
+const build = require('..')
+
+test('required property containing single quote, contains property', (t) => {
+ t.plan(1)
+
+ const stringify = build({
+ type: 'object',
+ properties: {
+ '\'': { type: 'string' }
+ },
+ required: [
+ '\''
+ ]
+ })
+
+ t.throws(() => stringify({}), new Error('"\'" is required!'))
+})
From 02effc81444b0b0512a27c731d6763b66e2ad06d Mon Sep 17 00:00:00 2001
From: Tomas Tauer
Date: Tue, 23 Apr 2024 19:50:48 +0200
Subject: [PATCH 2/4] Escape single quote in case the required property is missing in the list of properties
---
 index.js | 4 +++-
 test/sanitize7.test.js | 16 ++++++++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/index.js b/index.js
index b1205631..f63207b1 100644
--- a/index.js
+++ b/index.js
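Review bot: Both rewritten `throw` lines (the -387 hunk of patch 1/4 and the -349 hunk of patch 2/4) are safe only because `sanitizedKey` is `JSON.stringify` output, so every backslash in it is already doubled before the quote is escaped; nothing in the code records that dependency, and in the -387 hunk the definition of `sanitizedKey` lies outside the hunk. Escaping one character by hand inside a literal of the generated source is easy to get out of step with the quoting around it. Letting `JSON.stringify` produce the whole literal removes the hand-written escape: `throw new Error(${JSON.stringify(sanitizedKey + ' is required!')})`. The message stays the same for ordinary keys, but for a key containing `"` or a backslash it would keep the JSON escape, so the double-quote expectations in test/sanitize7.test.js would need adjusting. buildInnerObject starts and ends outside both hunks.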
@@ -349,7 +349,9 @@ function buildInnerObject (context, location) {
 for (const key of requiredProperties) {
 if (!propertiesKeys.includes(key)) {
- code += `if (obj['${key}'] === undefined) throw new Error('"${key}" is required!')\n`
+ const sanitizedKey = JSON.stringify(key)
+
+ code += `if (obj[${sanitizedKey}] === undefined) throw new Error('${sanitizedKey.replace(/'/g, '\\\'')} is required!')\n`
 }
 }
diff --git a/test/sanitize7.test.js b/test/sanitize7.test.js
index 568a2d56..fb75cb4d 100644
--- a/test/sanitize7.test.js
+++ b/test/sanitize7.test.js
@@ -18,3 +18,19 @@ test('required property containing single quote, contains property', (t) => {
 t.throws(() => stringify({}), new Error('"\'" is required!'))
 })
+
+test('required property containing single quote, does not contain property', (t) => {
+ t.plan(1)
+
+ const stringify = build({
+ type: 'object',
+ properties: {
+ a: { type: 'string' }
+ },
+ required: [
+ '\''
+ ]
+ })
+
+ t.throws(() => stringify({}), new Error('"\'" is required!'))
+})
From 1c83b8b7580b7aaa77bc2e6364588180b449f0be Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=BCrg=C3=BCn=20Day=C4=B1o=C4=9Flu?=
Date: Wed, 1 May 2024 00:45:46 +0200
Subject: [PATCH 3/4] trigger ci
---
 index.js | 1 -
 1 file changed, 1 deletion(-)
diff --git a/index.js b/index.js
index f63207b1..862c7c83 100644
--- a/index.js
+++ b/index.js
@@ -350,7 +350,6 @@ function buildInnerObject (context, location) {
 for (const key of requiredProperties) {
 if (!propertiesKeys.includes(key)) {
 const sanitizedKey = JSON.stringify(key)
-
 code += `if (obj[${sanitizedKey}] === undefined) throw new Error('${sanitizedKey.replace(/'/g, '\\\'')} is required!')\n`
 }
 }
From 220373fad4fe4ce249651b63f94ac660aa3d838a Mon Sep 17 00:00:00 2001
From: Tomas Tauer
Date: Wed, 1 May 2024 05:36:00 +0200
Subject: [PATCH 4/4] Add tests for double quote in property name
---
 test/sanitize7.test.js | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
diff --git a/test/sanitize7.test.js b/test/sanitize7.test.js
index fb75cb4d..530c1856 100644
--- a/test/sanitize7.test.js
+++ b/test/sanitize7.test.js
@@ -19,6 +19,22 @@ test('required property containing single quote, contains property', (t) => {
 t.throws(() => stringify({}), new Error('"\'" is required!'))
 })
+test('required property containing double quote, contains property', (t) => {
+ t.plan(1)
+
+ const stringify = build({
+ type: 'object',
+ properties: {
+ '"': { type: 'string' }
+ },
+ required: [
+ '"'
+ ]
+ })
+
+ t.throws(() => stringify({}), new Error('""" is required!'))
+})
+
 test('required property containing single quote, does not contain property', (t) => {
 t.plan(1)
@@ -34,3 +50,19 @@ test('required property containing single quote, does not contain property', (t)
 t.throws(() => stringify({}), new Error('"\'" is required!'))
 })
+
+test('required property containing double quote, does not contain property', (t) => {
+ t.plan(1)
+
+ const stringify = build({
+ type: 'object',
+ properties: {
+ a: { type: 'string' }
+ },
+ required: [
+ '"'
+ ]
+ })
+
+ t.throws(() => stringify({}), new Error('""" is required!'))
+})
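Review bot: Every key used in these cases is a single quote character, so the suite does not cover a key that combines a backslash with a quote or one that contains a newline, which are the other characters the generated `throw` literal has to survive. One such case per branch (key listed in `properties`, key only in `required`) would pin that the escaping keeps working if the way `sanitizedKey` is produced ever changes. The expectation `'""" is required!'` in both double-quote cases also reads like a typo; a comment above those assertions such as `// the generated literal consumes the JSON escape, so the message shows the raw key` would explain it.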